Vulnerabilities > CVE-2020-6967 - Deserialization of Untrusted Data vulnerability in Rockwellautomation Factorytalk Services Platform
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |